Adobe ColdFusion CVE-2018-15961 Arbitrary File Upload Vulnerability

Adobe ColdFusion is prone to an arbitrary file-upload vulnerability.

An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.

The following versions are vulnerable:

ColdFusion 2018.0.0.310739
ColdFusion (2016 release) Update 6 and prior
ColdFusion 11 Update 14 and prior


 

Privacy Statement
Copyright 2010, SecurityFocus